Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-1894HistoryJul 17, 2009 - 4:30 p.m.
CVE-2009-1894
2009-07-1716:30:00
Debian Security Bug Tracker
security-tracker.debian.org
10
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pulseaudio | <Β 0.9.15-4.1 | pulseaudio_0.9.15-4.1_all.deb |
| Debian | 11 | all | pulseaudio | <Β 0.9.15-4.1 | pulseaudio_0.9.15-4.1_all.deb |
| Debian | 10 | all | pulseaudio | <Β 0.9.15-4.1 | pulseaudio_0.9.15-4.1_all.deb |
| Debian | 999 | all | pulseaudio | <Β 0.9.15-4.1 | pulseaudio_0.9.15-4.1_all.deb |
| Debian | 13 | all | pulseaudio | <Β 0.9.15-4.1 | pulseaudio_0.9.15-4.1_all.deb |
Related
openvas
openvas
Debian Security Advisory DSA 1838-1 (pulseaudio)
2009-07-29 00:00:00
Gentoo Security Advisory GLSA 200907-13 (pulseaudio)
2009-07-29 00:00:00
Mandrake Security Advisory MDVSA-2009:152 (pulseaudio)
2009-07-29 00:00:00
nessus
nessus
GLSA-200907-13 : PulseAudio: Local privilege escalation
2009-07-17 00:00:00
Debian DSA-1838-1 : pulseaudio - privilege escalation
2010-02-24 00:00:00
Mandriva Linux Security Advisory : pulseaudio (MDVSA-2009:152)
2009-07-20 00:00:00
debian
debian
[SECURITY] [DSA 1838-1] New pulseaudio packages fix privilege escalation
2009-07-18 12:18:19
gentoo
gentoo
PulseAudio: Local privilege escalation
2009-07-16 00:00:00
ubuntucve
ubuntucve
CVE-2009-1894
2009-07-17 00:00:00
CVE-2009-1897
2009-07-20 00:00:00
ubuntu
ubuntu
PulseAudio vulnerability
2009-07-16 00:00:00
osv
osv
pulseaudio - privilege escalation
2009-07-18 00:00:00
seebug
seebug
Linux Kernel tun_chr_pool()ε½ζ°η©ΊζιεΌη¨ζΌζ΄
2009-07-20 00:00:00
GNU C library dynamic linker $ORIGIN expansion Vulnerability
2014-07-01 00:00:00
securityvulns
securityvulns
PulseAudio local race condition privilege escalation vulnerability
2009-07-18 00:00:00
PulseAudio race conditions
2009-07-18 00:00:00
cve
cve
CVE-2009-1894
2009-07-17 16:30:00
CVE-2009-1897
2009-07-20 17:30:00
prion
prion
Race condition
2009-07-17 16:30:00
Null pointer dereference
2009-07-20 17:30:00
packetstorm
packetstorm
GNU C Library Dynamic Linker $ORIGIN Expansion Vulnerability
2010-10-19 00:00:00
exploitpack
exploitpack
GNU C library dynamic linker - $ORIGIN Expansion
2010-10-18 00:00:00
exploitdb
exploitdb
GNU C library dynamic linker - '$ORIGIN' Expansion
2010-10-18 00:00:00
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Related for DEBIANCVE:CVE-2009-1894